Hi sc-l, You've all heard me say that I think Online Game Security is a harbinger of things to come in software security as we move into SOA and more "heavy-client" distributed system design. I wrote this idea up more thoroughly for the Attack Trends department in IEEE S&P.
The resulting article will be published in the next issue, but meanwhile a copy is available here (you're welcome to distribute it): http://www.cigital.com/papers/download/attack-trends-EOG.pdf Get ready, here come the time and state errors! BTW, everyone on this list should subscribe to IEEE S&P magazine (which also publishes silver bullet interviews and building security in). Here's a URL for that: www.computer.org/services/nonmem/spbnr gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com Exploiting Online Games www.exploitingonlinegames.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
